DMARC stands for Domain-based Message Authentication, Reporting, and Conformance. It is an email security protocol that shuts down exact domain impersonation.
The concept is simple: when you send an email and the destination server receives it, that server checks whether you have DMARC configured and, if so, verifies two things:
That the email came from a source authorized by you, and
That the email has been signed with a key that you own.
If the email passes at least one of these two validations, the receiving server will let the email through.
If the email comes from a malicious source, it will not be able to pass either of these validations. In that case, if your DMARC record says the email should be rejected, the receiving server will follow that instruction. On a periodic basis, the receiving servers will send a report to OnDMARC with the number of emails passing and failing DMARC validation.